Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 4 replies
  • Subscribers 1 subscriber
  • Views 1561 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Upgrade from 9.5 to 10.0

GuiGui

Hello all,

We have upgrading our version of Sophos from 9.5 to 10.

On the server, version 9.5 is installed.

I have just installed version 10.0 and when I try to deploy a client which already have a 9.5 version, it doesn't work ; version 9.5 stay (icon in the bottom right does not change, it is always the purple shield.).

Any idea ?

:25575


This thread was automatically locked due to age.
Parents
  • 0

    HI,

    My first question would be are you re-protecting these machines or changing their policy to point to a distribution location with the later version?

    Typically, you may have a couple of subscriptions, call them SAV9 and SAV10.  These 2 subscriptions would create 2 different CIDs which you can see listed in the view bootstrap locations.  E.g.

    SAV9  - \\server\sophosupdate\CIDs\S000\

    SAV10 - \\server\sophosupdate\CIDs\S001\

    You would push SAV to a machine once from SEC or a install script, then in the future, adjust the updating policy the machine is using to point to the relevant subscription which translates into a different updating location for the client;  on next update it pulls down the new version and updates.

    If for example you have the SAV9 subscription, creating the CID:
    \\server\sophosupdate\CIDs\S000\

    The updating policy linked to the SEC group the client is in has this SAV9 subscription selected.  You may then choose to create a SAV10 subscription, which will create for example:

    \\server\sophosupdate\CIDs\S001\

    Rather than protecting the machine again, you would just change the policy linked to the group to use the SAV10 subscription (or you could move the machine to a different group with an updating policy linked with the SAV10 subscription lined to it), the client would then point to:
     \\server\sophosupdate\CIDs\S001\

    pull down the updates and install.

    Essentially for managed installs you should never really need to re-protect them, it just creates unnecessary churn and also depending on how you do the re-protect, you could end up with it downgrading again if the updating policy is pointing back to the original CID.

    Otherwise, the logs of the client you feel hasn't upgrades would be in \windows\temp\.

    Regards,

    Jak

    :25577
Reply
  • 0

    HI,

    My first question would be are you re-protecting these machines or changing their policy to point to a distribution location with the later version?

    Typically, you may have a couple of subscriptions, call them SAV9 and SAV10.  These 2 subscriptions would create 2 different CIDs which you can see listed in the view bootstrap locations.  E.g.

    SAV9  - \\server\sophosupdate\CIDs\S000\

    SAV10 - \\server\sophosupdate\CIDs\S001\

    You would push SAV to a machine once from SEC or a install script, then in the future, adjust the updating policy the machine is using to point to the relevant subscription which translates into a different updating location for the client;  on next update it pulls down the new version and updates.

    If for example you have the SAV9 subscription, creating the CID:
    \\server\sophosupdate\CIDs\S000\

    The updating policy linked to the SEC group the client is in has this SAV9 subscription selected.  You may then choose to create a SAV10 subscription, which will create for example:

    \\server\sophosupdate\CIDs\S001\

    Rather than protecting the machine again, you would just change the policy linked to the group to use the SAV10 subscription (or you could move the machine to a different group with an updating policy linked with the SAV10 subscription lined to it), the client would then point to:
     \\server\sophosupdate\CIDs\S001\

    pull down the updates and install.

    Essentially for managed installs you should never really need to re-protect them, it just creates unnecessary churn and also depending on how you do the re-protect, you could end up with it downgrading again if the updating policy is pointing back to the original CID.

    Otherwise, the logs of the client you feel hasn't upgrades would be in \windows\temp\.

    Regards,

    Jak

    :25577
Children
No Data